Hello Mark,
Finally I had some time again to tweak arno-fwfilter a bit. Please read
my comments below.
On 28-Sep-11 12:57, Mark van Dijk wrote:
> Hi Arno,
>
> I have two requests:
>
> 1) Currently locations are retrieved with lynx. Could you please update
> this to use wget or curl? These are much more common on servers and are
> designed to function as backends, while lynx is more of a front-end
> program.
Done. Totally makes sense. Back then curl wasn't that common; that's the
reason I used it.
> 2) Could you please split RESOLVE_NAMES up into RESOLVE_SRC and
> RESOLVE_DST, and add the ability to resolve destinations? This is
> handy especially for IPv6, because IPv6-addresses can be less
> readable and thus harder to parse, especially when the reader is
> tired ;-) Maybe they can use the same colours as the src/dest IP, and
> the output can be updated a bit for when one is not using colours,
> e.g. they could be of the form src(example.com) dst(example.com).
I've implemented your idea in a slightly different manner. Use the new
FULL_INFO option to get the behavior you want.
> 3) Perhaps maybe you can test if a resolve returns something before
> printing. This way it will not print empty lines if a resolve fails.
That's not that easy with awk unfortunately. I'm planning on rewriting
the script as a POSIX shell script but this requires a lot of work.
> I have currently updated 1 myself using curl (curl -L --connect-timeout
> 2).
You also need to add --silent to make this truly work properly ;-)
> 2 was a bit harder, because I am not sure how I should add this with
> proper colours. Currently I have resolved it in the following way:
>
> below the line
>
> # Show destination
> ..
> ..
> printf(" %s", $i)
>
> I added:
> dst=substr($i, 5, length($i)-4)
>
> then, I updated the block 'if (RESOLVE_NAMES==1)' to this:
>
> if (RESOLVE_NAMES==1)
> {
>   printf("-")
>   # If multiple names exist for one IP then only use the first (head -n1)
>   syscall=sprintf("echo -n \"$(dig +short +time=1 +tries=1 -x %s 2>/dev/null |head -n1 |grep -v \";;.*\" |sed s,.$,\" \",) \" 2>/dev/null", substr(HOSTINFO,5,length(HOSTINFO)-4))
>   system(syscall)
>   if (USE_ANSI_COLORS==1) printf("\033[0m\033[1;35m")
>   if (USE_HTML==1) printf("<font color=dark purple>")
>   printf("-")
>   syscall=sprintf("echo -n \"$(dig +short +time=1 +tries=1 -x %s 2>/dev/null |head -n1 |grep -v \";;.*\" |sed s,.$,\" \",) \" 2>/dev/null", dst)
>   system(syscall)
>   if (USE_ANSI_COLORS==1) printf("\033[0m")
>   if (USE_HTML==1) printf("</font>")
> }
>
> This is far from perfect. The oddest thing is that I have to add the
> printf("-") statement because no hostname gets printed if I don't
> add it. Even printf(" ") does not help. I'm sure you have better ways.
For now we'll just have to live with empty lines until the script has
been rewritten, I guess.
> Looking forward to your reply,
Thanks for your suggestions.
> -Mark.
cheers,
Arno
ps. Your name sounds "Dutch" ... ?
> _______________________________________________
> Firewall mailing list
> Firewall at rocky.eld.leidenuniv.nl
> http://rocky.eld.leidenuniv.nl/mailman/listinfo/firewall
> Arno's (Linux IPTABLES Firewall) Homepage:
> http://rocky.eld.leidenuniv.nl
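
One way to do the check from point 3 in awk, as an added example that is not part of this mail or of arno-fwfilter: the lookup output is read with getline instead of system(), so a name is appended only when the resolver returned one. The function name annotate_names, the RESOLVER variable and the SRC=addr(name) output form are assumptions; the dig options are the ones quoted above.

```shell
#!/bin/sh
# Added example, not arno-fwfilter code. RESOLVER is an assumed knob so the
# lookup command can be swapped; the default is the dig call quoted above.
: "${RESOLVER:=dig +short +time=1 +tries=1 -x}"

# Reads firewall log lines on stdin and appends "(name)" to SRC=/DST= fields
# whose reverse lookup returned a name. Failed lookups leave the line as is.
annotate_names() {
    awk -v resolver="$RESOLVER" '
    # Return the first PTR name for addr, or "" when nothing usable came back.
    function rdns(addr,    cmd, line, name) {
        # Only hex digits, dots and colons may reach the shell command line.
        if (addr !~ /^[0-9A-Fa-f:.]+$/) return ""
        if (addr in cache) return cache[addr]   # one lookup per address
        cmd = resolver " " addr " 2>/dev/null"
        name = ""
        while ((cmd | getline line) > 0) {
            if (line == "" || line ~ /^;;/) continue   # skip dig diagnostics
            sub(/\.$/, "", line)                       # drop the trailing dot
            name = line                                # keep the first name only
            break
        }
        close(cmd)
        return cache[addr] = name
    }
    {
        for (i = 1; i <= NF; i++) {
            if ($i ~ /^(SRC|DST)=/) {
                name = rdns(substr($i, 5))
                if (name != "") $i = $i "(" name ")"
            }
        }
        print
    }'
}
```

Because the name comes back as a string rather than being written straight to the terminal by a subshell, it can also be wrapped in the existing colour codes before printing.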